BleepingComputer reports that more than 200 domains have been leveraged in a new massive typosquatting campaign spoofing 27 different brands to distribute Windows and Android malware.
According to a report from Cyble, the domains have mimicked widely used Android app stores, including Google Play, APKPure, and APKCombo, as well as TikTok, VidMate, PayPal, and Snapchat download portals, in an effort to deliver the ERMAC banking trojan, which targets 467 banking and cryptocurrency apps.
Meanwhile, BleepingComputer discovered that the same attackers used more than 27 popular brands in a much wider typosquatting campaign, which sought to deploy Windows and Android malware and to exfiltrate cryptocurrency recovery keys.
BleepingComputer found that a typosquat site for the popular Notepad++ text editor enables installation of the Vidar Stealer malware. Vidar Stealer is also deployed by typosquatted Thunderbird, Microsoft Visual Studio Core, and Brave browser sites.
Meanwhile, the fake Tor Project site facilitates deployment of the Agent Tesla keylogger and remote access trojan.